blog:set_rights_of_files_in_public_html
This is an old revision of the document!
Set rights of files in public_html
#!/bin/bash - #=============================================================================== # # FILE: fixphrights.sh # # Usage: ./fixphrights.sh # # Description: Set rights of user /home/*/public_html directors in a secure # and useful way # - all files/directories get chown user:www-data, so users own them # and the webserver has group access # - group www-data is added # g+r for files (webserver can read all files) # g+rsx for directories (webserver can read and change into all directories) # - o-rights (for all) are completely removed, so shell users can't read # files of other users (possibly containing passwords etc). # This can be run in a cronjob and will fix rights every five minutes, e.g.: # Crontab entry: # 5 */1 * * * root nice /home/brb/bin/fixphrights.sh # Options: none # Requirements: --- # BUGS: --- # Notes: --- # Author: Bernhard Brunner (bn), bernhard.brunner@epr.ch # Company: epr.ch # Created: 2011/03/11 07:33 # Last modified: 2011/03/11 07:40 # Revision: --- #=============================================================================== set -o nounset # Treat unset variables as an error setrights () { echo $1 cd /home/$1 mkdir -p public_html cd public_html find . -type d -print0 | xargs -0 chown $1:www-data find . -type d -print0 | xargs -0 chmod u+s,g+rsx,o-rwx find . -type f -print0 | xargs -0 chown $1:www-data find . -type f -print0 | xargs -0 chmod g+r,o-rwx chown $1:www-data . chmod u+x,g+rx,o-rwx . # chmod u+x } # ---------- end of function setrights ---------- cd /home for i in * ; do echo $i if [[ "$i" != "lost+found" ]] ; then setrights $i fi done
Ref: http://ubuntuincident.wordpress.com/2010/11/21/setting-rights-for-public_html/
~~LINKBACK~~
blog/set_rights_of_files_in_public_html.1299825827.txt.gz · Last modified: 2011-03-11 07:43 by brb
Discussion